Cloud Security – Phishing

By June 21, 2018Blog

Cloud security is comprised of two different areas, each of equal importance. First is the security of your cloud provider (the company who provides the service that stores your information in the cloud) and second is your own security practices.

It is wise to have hardened security practices for your business, regardless of where your data resides. A lot of the issues around security are no longer technology issues, they are human issues. Jasmine W. Gordon, contributor to Tektonika, shares the following in her security post:

“Snapchat. Home Depot. The City of Calgary. What do these three entities (and countless other organizations) have in common? Data security breaches from human error, unfortunately. Each one of them faced expensive incidents as the result of simple employee mistakes.”

Don’t think for a minute “I am too small to be attacked”, because it happens to individuals and companies regardless of size, location(s) or revenue. One way to protect your company from human error is understanding and preventing phishing.

Phishing, pronounced “fishing”, is the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers. An example of this is I receive emails from my bank letting me know my account password needs to be reset, providing a link to login and reset it. The email looks like it comes from my bank, however, the link they are directing me to is not my bank. Odds are if I click the link I will be directed to a site that also will look like my bank’s web site allowing me to login. Simple enough, now someone has my bank login credentials.

Tips: Hover your mouse over a link and verify the actual URL is the same as what the email shows. Be cautious, the link may look the same only off by a few letters. Another tip for businesses is to consider a phishing simulation. This is an effective way to test your employees’ security awareness and susceptibility to phishing tactics.

Next Up: Security questions you should ask your cloud provider.

Click here for our previous post, “What is the Cloud and is it Safe?”